Skip to content

refactor(sandbox): move secrets to supervisor placeholders#192

Merged
drew merged 11 commits intomainfrom
refactor/112-supervisor-managed-secret-placeholders
Mar 12, 2026
Merged

refactor(sandbox): move secrets to supervisor placeholders#192
drew merged 11 commits intomainfrom
refactor/112-supervisor-managed-secret-placeholders

Conversation

@drew
Copy link
Copy Markdown
Collaborator

@drew drew commented Mar 10, 2026

Summary

  • move provider secret values into a supervisor-only placeholder registry instead of exposing raw credentials to sandbox child processes
  • rewrite placeholder-based auth headers in forward-proxy and L7 REST flows so outbound requests still authenticate end to end
  • add regression coverage for placeholder env injection, proxy-time secret resolution, and the SSH handshake secret staying out of child environments

Testing

  • cargo test -p navigator-sandbox
  • mise run pre-commit
  • mise run sandbox (fails locally: cluster unreachable at 127.0.0.1:50337, so live e2e execution could not be completed in this environment)

Closes #112

@drew drew changed the title [e2e] refactor(sandbox): move secrets to supervisor placeholders refactor(sandbox): move secrets to supervisor placeholders Mar 10, 2026
@drew drew added the test:e2e Requires end-to-end coverage label Mar 10, 2026
@drew drew force-pushed the refactor/112-supervisor-managed-secret-placeholders branch 2 times, most recently from 8a90c85 to 7488e9e Compare March 12, 2026 01:10
drew added 4 commits March 12, 2026 00:01
@drew
refactor(sandbox): move secrets to supervisor placeholders
2fc671c
@drew
test(e2e): expect provider env placeholders
5d8f4f1
@drew
test(sandbox): verify real secrets reach destination via CONNECT L7 p…
8119e5c 
…roxy

Add e2e tests with dummy echo servers that confirm placeholder-to-secret
rewriting works end-to-end through the CONNECT tunnel with L7 REST
inspection. Also add Rust unit tests for the full round-trip flow from
provider env through header rewriting.
@drew
test(sandbox): add credential rewriting tests and clean up e2e helpers
26680ed 
Add two async unit tests in rest.rs verifying that the L7 relay
correctly rewrites credential placeholders (and that omitting the
resolver leaks them). Clean up test_sandbox_providers.py by
consolidating duplicate policy helpers and closure factories (~80 lines
removed). Update the local-inference example policy with proper TLS
termination config for NVIDIA and OpenCode endpoints.
@drew drew force-pushed the refactor/112-supervisor-managed-secret-placeholders branch from 7488e9e to 26680ed Compare March 12, 2026 07:43
drew added 7 commits March 12, 2026 00:50
@drew
wip
a906425
@drew
refactor(sandbox): rename placeholder prefix to openshell:resolve:env:
9524de7 
Replace the legacy nemo-placeholder:env: prefix with openshell:resolve:env:
across all source, test, and documentation files for consistency with the
OpenShell product branding.
@drew
test(e2e): remove proxy credential rewriting e2e tests
7c3624d 
The echo-server-based proxy rewriting tests run both client and server
inside the sandbox, so they only prove the proxy rewrites headers to a
destination the sandbox itself controls — not that an external service
receives real credentials. Remove the 3 tests and all associated
helpers.
@drew
feat(sandbox): add opencode network policy and fix nvidia_inference T…
663e5c8 
…LS config

Add opencode network policy with models.dev, registry.npmjs.org, and
opencode.ai endpoints. Fix nvidia_inference to include protocol: rest
and tls: terminate so the proxy can rewrite credential placeholders.
Add correct OpenCode binary paths to both policies.
@drew
wip
83e55cf
@drew
merge: resolve conflicts with main for secret_resolver and denial_tx …
5091b46 
…coexistence
@drew
style(sandbox): fix rustfmt formatting for handle_tcp_connection call
12e22e0
@drew drew merged commit 782bd95 into main Mar 12, 2026
10 checks passed
@drew drew deleted the refactor/112-supervisor-managed-secret-placeholders branch March 12, 2026 17:30
drew added a commit that referenced this pull request Mar 16, 2026
@drew
refactor(sandbox): move secrets to supervisor placeholders (#192)
b9d1086
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

test:e2e Requires end-to-end coverage

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

refactor: move secret values out of sandbox environment into supervisor-managed placeholders

1 participant

@drew